Lucene search
K

38 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tipc: Improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structures from peer nodes to track their views of the network topology. This patch verifies tha...

5.5CVSS6.3AI score0.67994EPSS
Exploits2References2
Snyk
Snyk
added 2026/05/29 3:45 p.m.10 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the DnsEntry.php process. An attacker can inject arbitrary DNS records into zone...

8.6CVSS5.9AI score0.00269EPSS
Exploits0References2
OSV
OSV
added 2026/05/20 12:20 p.m.13 views

USN-8282-1 unbound vulnerabilities

Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...

10CVSS6.1AI score0.01272EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.4 views

PT-2026-34634

Froxlor is open source server administration software. Prior to version 2.3.6, DomainZones::add accepts arbitrary DNS record types without a whitelist and does not sanitize newline characters in the content field. When a DNS type not covered by the if/elseif validation chain is submitted e.g.,...

8.5CVSS5.8AI score0.00347EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/16 12:47 a.m.7 views

CRLF Injection

Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to CRLF Injection via the DomainZones::add process. An attacker can inject arbitrary DNS records and BIND directives into zone files by submitting crafted DNS record types and content...

8.5CVSS5.8AI score0.00347EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/03/23 12:0 a.m.5 views

TLS Certificate and Domain Feature Analysis of Phishing Domains in the Danish .Dk Namespace

Phishing attacks remain a persistent cybersecurity threat, and the widespread adoption of TLS certificates has unintentionally enabled malicious websites to appear trustworthy to users. This study examines whether certificate metadata and domain characteristics can help distinguish phishing domai...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/02/19 10:43 p.m.4 views

CVE-2026-26952

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page, which allows an authenticated administrator to inject cod...

5.4CVSS5.7AI score0.0024EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

Pi-hole 安全漏洞

Pi-hole is a web-level ad blocking application developed by Pi-hole Inc. Versions of Pi-hole 6.4 and earlier contained a security vulnerability, which was caused by a storage-type HTML injection vulnerability in the local DNS record configuration page. This vulnerability could allow arbitrary HTM...

5.4CVSS6AI score0.0024EPSS
Exploits0References3
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

UBUNTU-CVE-2025-59029

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS5.8AI score0.00324EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988682)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988682 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node ...

9CVSS5.9AI score0.67994EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986904)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986904 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node ...

9CVSS5.9AI score0.67994EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-7008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature...

5.9CVSS6.6AI score0.00849EPSS
Exploits0References2
CVE
CVE
added 2025/08/11 4:25 p.m.28 views

CVE-2025-8866

Summary: CVE-2025-8866 affects the YugabyteDB Anywhere web server, where the /metamaster/universe API endpoint does not properly enforce authentication. What’s affected: YugabyteDB Anywhere web server (specific versions not enumerated in provided documents). Root cause (as described): Authenticat...

5.1CVSS7.3AI score0.00272EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/01/25 3:47 a.m.3 views

SUSE CVE-2025-0650

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

8.1CVSS6.5AI score0.00832EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2024/06/22 4:9 a.m.3 views

SUSE CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

7CVSS6.2AI score0.00236EPSS
Exploits2References15
RedhatCVE
RedhatCVE
added 2024/06/20 12:26 p.m.36 views

CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

5.5CVSS6.8AI score0.67994EPSS
Exploits2References4
OSV
OSV
added 2024/06/20 11:15 a.m.1 views

DEBIAN-CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

5.5CVSS5.6AI score0.00236EPSS
Exploits2References1
OSV
OSV
added 2024/06/20 11:15 a.m.3 views

UBUNTU-CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

5.5CVSS6.2AI score0.00236EPSS
Exploits2References11
Vulnrichment
Vulnrichment
added 2024/06/20 11:13 a.m.36 views

CVE-2022-48711 tipc: improve size validations for received domain records

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

6.8AI score0.00236EPSS
Exploits2References8
OSV
OSV
added 2024/06/20 11:13 a.m.34 views

CVE-2022-48711 tipc: improve size validations for received domain records

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structs from peer nodes to track their views of the network topology. This patch verifies that t...

5.3CVSS5.9AI score0.00236EPSS
Exploits2References11
Rows per page
Query Builder